WordPress Plugin Vulnerabilities

WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) & File Type Check

Description

Changelog mentions:

Security – Introduce file type check for tax rate importer.
Security – Added nonce check to CSV importer actions.

RIPS Tech later released an advisory detailing the vulnerability, which can be found in the references.

Affects Plugins

Plugin icon
woocommerce
Fixed in 3.6.5

References

URL
https://blog.ripstech.com/2019/woocommerce-csrf-to-stored-xss/
URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=2116363%40woocommerce&old=2096035%40woocommerce
URL
https://twitter.com/WooCommerce/status/1147543261814374401

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher
RIPS Tech
Verified
No
WPVDB ID
4760a717-3f2d-4491-bfb1-ae0754c3bda5

Timeline

Publicly Published
2019-07-07 (about 6 years ago)
Added
2019-07-07 (about 6 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2023-04-05
Title
YourChannel < 1.2.5 - Multiple CSRF
Published
2026-01-23
Title
SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity < 2.5.3 - Cross-Site Request Forgery to Survey Renaming
Published
2014-12-14
Title
Yurl Retwitt <= 1.4 - Multiple CSRF
Published
2023-12-27
Title
Inline Image Upload for BBPress < 1.1.19 - Cross-Site Request Forgery via hm_bbpui_admin_page
Published
2025-08-14
Title
WPDM – Premium Packages < 6.0.3 - Cross-Site Request Forgery